LDAPServerIntegrity is a Microsoft Active Directory setting in the Windows registry on Domain Controllers to indicate the policy for "LDAP Signing"

Microsoft in order to prevent Man-In-The-Middle (MiTM) Replay attacks which are considered DUA (clients) which performed Bind Requests without integrity of the LDAP Message which are either:

Configuring Domain Controllers for LDAP Signing#

You can use a Windows registry key or Group Policy Object (GPO) to configure Domain Controllers for LDAP Signing

More Information#

There might be more information for this subject on one of the following: